Hi,

We have a Cisco 7600 series device with IPsec SPA module and I'm trying to configure a L2L VPN with a remote site with Cisco 3000 series VPN device.

(We have several working VPN connections to lots of different types of VPN devices)

I have run into a problem trying to establish the latest VPN connection and cant quite make out whats going wrong. We have tried to make sure that all parameters are macthing on both sides but still the debug ends the same way when I try to ping the remote networks

This is basicly the part of debug where to me it seems that things start to go wrong. And because of my limited knowledge of VPN I dont really know what to make out of it.

Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):Expected <profile name> profile doesn't match, aborting exchange
Dec 16 2010 10:08:57.370 UTC: ISAKMP (72471): FSM action returned error: 2
Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):Old State = IKE_I_MM5  New State = IKE_I_MM6

Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):peer does not do paranoid keepalives.

Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):deleting SA reason "IKMP_ERR_NO_RETRANS" state (I) MM_KEY_EXCH (peer x.x.x.x)
Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
Dec 16 2010 10:08:57.370 UTC: ISAKMP:(72471):Old State = IKE_I_MM6  New State = IKE_I_MM6

I have tried to find some material which would help me understand what the actual debug messages tell me. I have found only one Cisco document but the content is really lacking.

Does anyone have any idea what the above debug message actually means?

Does anyone have links to good documents that would help me understand all the debugging messages (not just this. Any VPN debugging really)

-JF